[jira] [Commented] (HBASE-26746) Protobuf jar is vulnerable with CVE-2021-22569

Sean Busbey (Jira) Tue, 08 Feb 2022 10:32:01 -0800


    [ 
https://issues.apache.org/jira/browse/HBASE-26746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17489062#comment-17489062
 ]


Sean Busbey commented on HBASE-26746:
-------------------------------------

will need to update hbase-thirdpary to protobuf.version 3.19.2+

> Protobuf jar is vulnerable with CVE-2021-22569
> ----------------------------------------------
>
>                 Key: HBASE-26746
>                 URL: https://issues.apache.org/jira/browse/HBASE-26746
>             Project: HBase
>          Issue Type: Bug
>          Components: Protobufs, thirdparty
>            Reporter: Pankaj Kumar
>            Priority: Minor
>
> Refer,
> https://nvd.nist.gov/vuln/detail/CVE-2021-22569



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (HBASE-26746) Protobuf jar is vulnerable with CVE-2021-22569

Reply via email to